Chris:
Hello! I need to update the documentation. :) The libeay32 inclusion
was such a hassle that we included it by default in the echoWare DLL,
for all versions 1.70 an onward. So...in EchoVNC, you can see the
DLL version number on the Status page. In echoWinVNC, the version
number is in the lower right-hand corner of the startup GUI.
Which is all to say...128-bit AES encryption should be on by default
in all of the recent releases. In the 1.5 release of EchoVNC, we're
actually going to simply remove the button that allows users to turn
it off. We will add some sort of "encryption indicator", though, so the
end user's can be assured it's active.
To actually *prove* it's active...you'd need to use a packet capture
tool like ethereal. Run that anywhere in the connection chain, and
focus on the packets exchanged at the start of the VNC connection.
You should *not* be able to find any "RFB" connection string, which
you would be able to in cleartext.
As for the VNC Viewer itself...it "doesn't know" that the connection
is secured. It sorta looks like this:
VNC Viewer -> echoWare -> echoServer -> echoWare -> VNC Server
Everything "echoWare to echoWare" is secured with openssl's
encryption toolkit. So any encryption that's actually used by the
VNC Viewer and Server themselves would be in addition to what's
already there.
Hope that helps!
-Scott
On Mar 7, 2006, at 8:27 AM, Chris Betts wrote:
Hi
I am currently testing using a setup of:
EchoServer
EchoWinVNC on the server PC
EchoVNC on the Client PC's using VNCViewer
All downloaded as the EchoWare RSS 1.2 pack last week
All is working fine, both internally across the network and
externally.
As indicated in the VNC Faq-o-matic (http://faq.gotomyvnc.com/fom-
serve/cache/155.html) to enable SSH I have installed a copy of
libeay32.dll in the echoVNC folder on the Client PC's (and also in
the EchoWinVNC folders although I don't think that this is the
correct place for it as it appears to run from a hidden TMP folder
which is destroyed after close)
On the EchoVNC "Main" tab the Setting "Use 128-bit AES encryption"
is ticked
The Problem: (or may not be!?!)
If I click on "Connection Info.." in the VNCViewer control menu it
shows "Encryption: No encryption"
I am using a copy of libeay32.dll from the OffByOne web browser
because I cant find the where to download the correct pack from the
www.openssl.org website (its not included in the Windows Binary on
that site)
If I run VNCViewer directly (i.e. not via EchoVNC") the drop down
shows "Encryption Always off"
- Is the communication really encrypted ... but not being reported
correctly?
- Should I be using another version of libeay32.dll
- is libeay32.dll installed in the correct place(s)
- Am I missing something?
Thanks
Chris Betts
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642
_______________________________________________
Echovnc-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/echovnc-users
